From: Tony Paterra (apaterra@gmail.com)
Date: Thu Sep 14 2006 - 00:06:19 ART
I was working on a lab and one of the requirements was to allow only a
single multicast group (we'll say 239.1.1.1 for S&G) to flow across a
network without using 'ip multicast-boundary'. The network is set up
so that you 'don't enable multicast everywhere, just from an edge
router 'SW1' to a router w/ a directly connected subnet of interested
users 'R4'. Basically, creating a tunnel from an edge device to one
somewhere else in the topology.
Two questions...
1.) When you create a tunnel between SW1 and R4, it doesn't matter
what interfaces you use to source/dest as long as you enable PIM on
the Tunnel as well as the Ethernet segment that wants to receive the
stream (assuming the src/dest are in your routing table)?
Ex:
SW1:
int tunn0
ip unnumbered Loop0
tunnel source e0/0
tunnel dest R4.e0/0
ip pim dense-mode
int e0/0
ip pim dense-mode
R4:
int tunn0
ip unnumbered Loop0
tunnel source e0/0
tunnel dest SW1.G0/10
ip pim dense-mode
(With appropriate mroute's for RPF checks)
2.) To block traffic from flowing to R4 for everything but 239.1.1.1
and not using 'ip multicast boundary'... You can create an
access-list that:
permits 239.1.1.1
blocks all other multicast groups
permit ip any any
Now is there any reason why you would have to apply this outbound on
the Tunnel interface vs. inbound on the physical interface that is
receiving the stream (outside of dynamic routing protocols and
assuming that the physical interface was the only place that had
multicast enabled)?
-- Tony Paterra apaterra@gmail.com
This archive was generated by hypermail 2.1.4 : Sun Oct 01 2006 - 16:55:40 ART